Search

Editors

Richard L. Cassin Publisher and Editor

Andy Spalding Senior Editor

Jessica Tillipman Senior Editor

Harry Cassin Managing Editor


Elizabeth K. Spahn Editor Emeritus

Cody Worthington Contributing Editor

Julie DiMauro Contributing Editor

Thomas Fox Contributing Editor

Marc Alain Bohn Contributing Editor

Bill Waite Contributing Editor

Shruti J. Shah Contributing Editor

Russell A. Stamets Contributing Editor

Richard Bistrong Contributing Editor 

Eric Carlson Contributing Editor

Bill Steinman Contributing Editor

Aarti Maharaj Contributing Editor


FCPA Blog Daily News

« Bill Steinman: Managing mandatory subcontracts on offset deals | Main | Resource Alert: International Commercial Bribery Webinar (February 22 and 27) »
Wednesday
Feb212018

Richard Bistrong: Who’s gaming your compliance program? 

Instead of completing compliance training modules on their own, three Credit Suisse bankers had their administrative assistants do the work for them.

The admins logged in with their boss's credentials and completed two modules -- "Understanding Money Laundering, Terrorist Financing, Sanctions and Corruption" and "Global Records Management."

Wall Street's independent regulator, FINRA, found out about the cheating and ordered all three bankers to give back part of their 2015 bonuses.

That reminded me . . . . .

Ten years ago, while I was cooperating with the FBI and using a computer the FBI was monitoring, several agents and intermediaries sent me due-diligence self-assessments to complete on their behalf. The self assessments were part of the vetting process for a well-known multinational.

One thing I noticed right away, other than my being an unlikely candidate then to complete an anti-bribery self-assessment, was that the requests came from agents where English was a second language, and yet all of the self-assessments were in English.

Of course, agents who send self-assessments to someone else to complete probably aren't "best in class" in terms of ethics and compliance. And while I declined to complete the assessments, some of those agents were successfully on-boarded. 

In another example, a few years ago, I was chatting on the phone with a good friend who worked then for a global bank. In the background, I heard “FCPA” and I asked what that was about. He said he was going through his annual anti-bribery training.

I said, “Hey, your best friend got locked up for breaking that law. How about ending our call, paying attention, and let’s talk later.”

When I posted the Credit Suisse article on LinkedIn, Marc Leu, a compliance and risk management executive, asked: “Is it because of the culture, because they don’t care, or is it because it is the same training they have been doing for the last three years and the content does not address the real questions, nor does it give useful answers, re how to deal with difficult situations.”

Those are great questions. How do we engage a globally disbursed workforce with effective training that's  tailored to someone’s role and knowledge base?

As my three examples show, how do we even know (or how can we know) that people are using and completing the modules on their own?

The solution is often a combination of multiple platforms and training content, where face-to-face instruction is combined and complemented with e-learning programs, video and other material.

I often hear compliance leaders say, “It’s good to change things up.” That's true. Different compliance perspectives can spark the "difficult discussions" I often talk about. That's why it's healthy to use multiple tools that don't stop at a desk-top, lap-top or smart device. Creating an interactive experience across numerous platforms makes things more memorable and easier to share and retain.

On-line training and self-assessments have value and can be an important part of training and on-boarding. But when they stand alone -- separate from more adaptive education and deep-dive due-diligence solutions -- they easily be discarded, diluted, and gamed by the people who need them the most. Worse, as the three examples demonstrate, standing alone, they can lead to a false and dangerous sense of complacency that "all is ok" when those responses are collected, aggregated and even scrutinized.

____

Richard Bistrong is a contributing editor of the FCPA Blog and CEO of Front-Line Anti-Bribery LLCIn 2010 he pleaded guilty to a conspiracy to violate the FCPA and served fourteen-and-a-half months at a U.S. federal prison camp. He was named to Compliance Week's list of Top Minds in 2017 and was one of Ethisphere's 100 Most Influential in Business Ethics in 2015. 

His popular real-life compliance training video, Behind the Bribe, produced in cooperation with Mastercard, was released in 2017.

To request a demo of the full eleven-minute video or a licensing fee schedule, please click here.

Reader Comments (1)

All very good points - but let me add one. Most compliance training teaches too much. I learned that the hard way. Training should focus on fundamentals, issue spotting, and how to get help that won't impede ones business. When we tested and piloted online training to see if we were actually teaching anything (this was at GE in the aughts) we discovered that we were - painfully - overloading the teaching. Simple was more effective (and more likely to be completed)
February 21, 2018 | Unregistered CommenterPeter Y Solmssen
Comments for this entry have been disabled. Additional comments may not be added to this entry at this time.